我如何使用.htaccess和mod_rewrite页面特定于PHP强制到SSL/https。


当前回答

简单易行,只需添加以下内容

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

其他回答

简单一点:

RewriteEngine on
RewriteCond %{HTTP_HOST} ^(www\.example\.com)(:80)? [NC]
RewriteRule ^(.*) https://example.com/$1 [R=301,L]
order deny,allow

用example.com替换你的url

简单易行,只需添加以下内容

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

我只是想指出,当跨目录深度使用多个.htaccess文件时,Apache的继承规则是最差的。两个主要陷阱:

默认情况下,只有包含在最深的.htaccess文件中的规则将被执行。你必须指定RewriteOptions InheritDownBefore指令(或类似指令)来改变这个。(见问题) 该模式应用于相对于子目录的文件路径,而不是包含给定规则的.htaccess文件的上层目录。(见讨论)

这意味着如果您在子目录中使用任何其他.htaccess文件,则Apache Wiki上建议的全局解决方案将不起作用。我写了一个修改后的版本:

RewriteEngine On
# This will enable the Rewrite capabilities

RewriteOptions InheritDownBefore
# This prevents the rule from being overrided by .htaccess files in subdirectories.

RewriteCond %{HTTPS} !=on
# This checks to make sure the connection is not already HTTPS

RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [QSA,R,L]
# This rule will redirect users from their original location, to the same location but using HTTPS.
# i.e.  http://www.example.com/foo/ to https://www.example.com/foo/

我发现了一个mod_rewrite解决方案,它既适用于代理服务器,也适用于未代理服务器。

如果您正在使用CloudFlare、AWS弹性负载平衡、Heroku、OpenShift或任何其他云/PaaS解决方案,并且您正在使用正常的HTTPS重定向循环,请尝试以下代码片段。

RewriteEngine On

# If we receive a forwarded http request from a proxy...
RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]

# ...or just a plain old http request directly from the client
RewriteCond %{HTTP:X-Forwarded-Proto} =""
RewriteCond %{HTTPS} !=on

# Redirect to https version
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

尝试这段代码,它将工作于所有版本的url像

website.com www.website.com http://website.com http://www.website.com 重写%{HTTPS} off ^www.website.com$ [NC] RewriteRule ^ (. *) https://www.website.com/ 1美元(L, R = 301)